Contents x
Decisions Platform in an iFrame
  • 18 Oct 2021
  • 1 Minute to read
  • Print
  • Dark
    Light
Contents
  This documentation version is deprecated, please click here for the latest version.

Decisions Platform in an iFrame

  • Updated on 18 Oct 2021
  • 1 Minute to read
  • Print
  • Dark
    Light
Article summary

Overview

When Decisions is installed the default settings allow the Portal to be opened in the iFrame, but only within the same domain. This document will go over how to change this setting.

Example

  1. In Windows File Explorer, navigate to C:\Program Files\Decisions\Decisions Web Host and open the web.config file with a preferred code editor.

    2019-12-18_14h21_07.png

  2. Use the Find function in the code editor to locate the line that contains "X-Frame-Options". 
  3. The following code block includes the "X-Frame-Options" and the "Content Security Policy".
    <httpProtocol>

           <customHeaders>

               <add name="X-Frame-Options" value="SAMEORIGIN" />

           </customHeaders>

       </httpProtocol>

Implemented with the HTTP headers Content Security Policy and Cache Control and x content type options.

<httpProtocol>

           <customHeaders>

               <add name="Content-Security-Policy" value="default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' 'unsafe-inline' data:; style-src 'self' 'unsafe-inline' 'unsafe-eval'; font-src 'self' data:; worker-src 'self' 'unsafe-inline' blob:"  />

               <add name="X-Content-Type-Options" value="nosniff" />

           </customHeaders>

       </httpProtocol>
  4. The value above is set to SAMEORIGIN which allows the page to be used in a frame as long as the page is included in the same site that is serving the page. 
  5. The other configurable value for this setting is denied, which prevents the page from being displayed in a frame.
    access-control-allow is a valid format that is used. Please see the example below.

    2020-01-20_09h36_57.png

  6. Once the desired value has been set, save the web.config file to apply the changes.
  7. Then, restart Service Host Manager by right-clicking the System Folder in the Designer Studio and selecting Restart Instance.

    2019-12-18_14h48_05.gif

    Additional Information
    For more information on how to restart Service Host Manager, please visit the How To Restart SHM article.

    For information regarding how to fix issues with SSO Redirection, see Troubleshooting SSO Redirection - SameSite Cookies.
    Reminder!
    Each browser has different compatibility with these settings. To verify that the browser will honor the desired setting, refer to the Browser Compatibility chart on Mozilla’s website by using the following link: Mozilla's X-Frame Options
Was this article helpful?
What's Next
Decisions
Resources
Organization
Connect